Add maven release workflow (#815)

wing328 · web-flow · commit 3e999a1b953c · 2025-08-22T13:18:53.000+08:00
* add maven release workflow

* use jdk 11

* update workflow

* fix

* skip tests

* use mvnw

* update

* update

* fix passphrase

* skip pull request

* comment out old release workflow
diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml
@@ -0,0 +1,61 @@
+name: Make release
+
+on:
+  push:
+    branches:
+      - master
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3
+        with:
+          java-version: 11
+          distribution: 'zulu'
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Build
+        run: ./mvnw clean install -DskipTests=true
+        #run: ./mvnw clean install
+
+  publish-OSSRH:
+    runs-on: ubuntu-latest
+    name: Publish to Maven Central
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+ 
+      - id: install-secret-key
+        name: Install gpg secret key
+        run: |
+          cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import
+          gpg --list-secret-keys --keyid-format LONG
+
+      - name: Set up Maven Central Repository
+        uses: actions/setup-java@v3
+        with:
+          java-version: 11
+          distribution: 'zulu'
+          server-id: central
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+
+      - name: Publish package
+        run: ./mvnw -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} deploy
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSS_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSS_PASSWORD }}
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -54,6 +54,7 @@ jobs:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       run: ./mvnw -B -ntp -ff org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-    - name: Release Snapshot
-      if: matrix.java_version == '11'
-      run: ./mvnw -V -B -ntp -ff deploy
+    # snapshot releases now handled by maven-release.yml
+    #- name: Release Snapshot
+    #  if: matrix.java_version == '11'
+    #  run: ./mvnw -V -B -ntp -ff deploy
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,35 +13,36 @@ env:
   OSS_PASSWORD: ${{ secrets.OSS_PASSWORD }}
   GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
 jobs:
-  release:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up JDK 11
-        uses: actions/setup-java@v4
-        with:
-          distribution: 'zulu'
-          java-version: 11
-          cache: 'maven'
-          # Value of the distributionManagement/repository/id field of the pom.xml
-          server-id: central
-          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
-          server-username: OSS_USERNAME
-          server-password: OSS_PASSWORD
-          gpg-passphrase: GPG_PASSPHRASE
-      - name: Setup Git
-        run: |
-          git config --global committer.email "noreply@github.com"
-          git config --global committer.name "GitHub Release"
-          git config --global author.email "${GITHUB_ACTOR}@users.noreply.github.com"
-          git config --global author.name "${GITHUB_ACTOR}"
-      - name: Release
-        run: ./mvnw -V -B -ntp -Prelease -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform
-      - name: Rollback on failure
-        if: ${{ failure() }}
-        run: |
-          ./mvnw -B release:rollback -Prelease -Dgpg.passphrase=${{secrets.GPG_PASSPHRASE}}
-          echo "You may need to manually delete the GitHub tag, if it was created."
+  # replaced by maven-release.yml
+  #release:
+  #  runs-on: ubuntu-latest
+  #  steps:
+  #    - uses: actions/checkout@v4
+  #    - name: Set up JDK 11
+  #      uses: actions/setup-java@v4
+  #      with:
+  #        distribution: 'zulu'
+  #        java-version: 11
+  #        cache: 'maven'
+  #        # Value of the distributionManagement/repository/id field of the pom.xml
+  #        server-id: central
+  #        gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+  #        server-username: OSS_USERNAME
+  #        server-password: OSS_PASSWORD
+  #        gpg-passphrase: GPG_PASSPHRASE
+  #    - name: Setup Git
+  #      run: |
+  #        git config --global committer.email "noreply@github.com"
+  #        git config --global committer.name "GitHub Release"
+  #        git config --global author.email "${GITHUB_ACTOR}@users.noreply.github.com"
+  #        git config --global author.name "${GITHUB_ACTOR}"
+  #    - name: Release
+  #      run: ./mvnw -V -B -ntp -Prelease -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform
+  #    - name: Rollback on failure
+  #      if: ${{ failure() }}
+  #      run: |
+  #        ./mvnw -B release:rollback -Prelease -Dgpg.passphrase=${{secrets.GPG_PASSPHRASE}}
+  #        echo "You may need to manually delete the GitHub tag, if it was created."
   docker:
     needs: release
     runs-on: ubuntu-latest
diff --git a/pom.xml b/pom.xml
@@ -192,11 +192,27 @@
         </profile>
         <profile>
             <id>release</id>
+            <distributionManagement>
+                <repository>
+                    <id>central</id>
+                    <name>Central Repository OSSRH</name>
+                    <url>https://central.sonatype.com/</url>
+                </repository>
+                <snapshotRepository>
+                    <id>central</id>
+                    <name>Central Repository OSSRG Snapshots</name>
+                    <url>https://central.sonatype.com/repository/maven-snapshots/</url>
+                    <snapshots>
+                        <enabled>true</enabled>
+                    </snapshots>
+                </snapshotRepository>
+            </distributionManagement>
             <build>
                 <plugins>
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
+                        <version>1.5</version>
                         <configuration>
                             <gpgArguments>
                                 <arg>--pinentry-mode</arg>
@@ -216,12 +232,12 @@
                     <plugin>
                         <groupId>org.sonatype.central</groupId>
                         <artifactId>central-publishing-maven-plugin</artifactId>
-                        <version>0.7.0</version>
+                        <version>0.8.0</version>
                         <extensions>true</extensions>
                         <configuration>
-                            <publishingServerId>ossrh</publishingServerId>
+                            <publishingServerId>central</publishingServerId>
                             <autoPublish>true</autoPublish>
-                            <waitUntil>published</waitUntil>
+                            <checksums>required</checksums>
                         </configuration>
                     </plugin>
                     <plugin>
@@ -256,18 +272,6 @@
                             </execution>
                         </executions>
                     </plugin>
-                    <plugin>
-                        <groupId>org.cyclonedx</groupId>
-                        <artifactId>cyclonedx-maven-plugin</artifactId>
-                        <executions>
-                            <execution>
-                                <phase>package</phase>
-                                <goals>
-                                    <goal>makeAggregateBom</goal>
-                                </goals>
-                            </execution>
-                        </executions>
-                    </plugin>
                 </plugins>
             </build>
         </profile>
@@ -352,11 +356,6 @@
                     <artifactId>sonar-maven-plugin</artifactId>
                     <version>5.1.0.4751</version>
                 </plugin>
-                <plugin>
-                    <groupId>org.cyclonedx</groupId>
-                    <artifactId>cyclonedx-maven-plugin</artifactId>
-                    <version>2.9.1</version>
-                </plugin>
             </plugins>
         </pluginManagement>
         <plugins>
